git: 58cfd7554d81 - 2021Q2 - net/wireguard-kmod: Update to 0.0.20210428
Bernhard Froehlich
decke at FreeBSD.org
Thu Apr 29 11:20:05 UTC 2021
The branch 2021Q2 has been updated by decke:
URL: https://cgit.FreeBSD.org/ports/commit/?id=58cfd7554d813e3e2502f10e26c13329d2329599
commit 58cfd7554d813e3e2502f10e26c13329d2329599
Author: Bernhard Froehlich <decke at FreeBSD.org>
AuthorDate: 2021-04-29 09:36:28 +0000
Commit: Bernhard Froehlich <decke at FreeBSD.org>
CommitDate: 2021-04-29 11:17:39 +0000
net/wireguard-kmod: Update to 0.0.20210428
(cherry picked from commit 4507e5034cf7caf372a0105ef74665161c02769b)
---
net/wireguard-kmod/Makefile | 3 +-
net/wireguard-kmod/distinfo | 6 +-
.../patch-dd04bc5aa4a3607fd2277a5d7953a2a20a411696 | 99 ----------------------
.../patch-e03bf597383cef7f16c41fa4952a6b04093e9e64 | 52 ------------
4 files changed, 4 insertions(+), 156 deletions(-)
diff --git a/net/wireguard-kmod/Makefile b/net/wireguard-kmod/Makefile
index e0565d48f874..e6f8f888b14c 100644
--- a/net/wireguard-kmod/Makefile
+++ b/net/wireguard-kmod/Makefile
@@ -1,7 +1,6 @@
PORTNAME= wireguard-kmod
-PORTVERSION= 0.0.20210424
-PORTREVISION= 1
+PORTVERSION= 0.0.20210428
CATEGORIES= net net-vpn
MASTER_SITES= https://git.zx2c4.com/wireguard-freebsd/snapshot/
DISTNAME= wireguard-freebsd-${PORTVERSION}
diff --git a/net/wireguard-kmod/distinfo b/net/wireguard-kmod/distinfo
index 6d488ac7d47f..bd9f313245ae 100644
--- a/net/wireguard-kmod/distinfo
+++ b/net/wireguard-kmod/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1619285662
-SHA256 (wireguard-freebsd-0.0.20210424.tar.xz) = bfa8d3c4854f802567db51a89fdea32e7bf98a3d54a525359bdb240f2e864735
-SIZE (wireguard-freebsd-0.0.20210424.tar.xz) = 49948
+TIMESTAMP = 1619688377
+SHA256 (wireguard-freebsd-0.0.20210428.tar.xz) = cceebd8f3f21d522342b3629fa0350e4fbc64a00035d330f82301741e56def46
+SIZE (wireguard-freebsd-0.0.20210428.tar.xz) = 50404
diff --git a/net/wireguard-kmod/files/patch-dd04bc5aa4a3607fd2277a5d7953a2a20a411696 b/net/wireguard-kmod/files/patch-dd04bc5aa4a3607fd2277a5d7953a2a20a411696
deleted file mode 100644
index 3aabba31d857..000000000000
--- a/net/wireguard-kmod/files/patch-dd04bc5aa4a3607fd2277a5d7953a2a20a411696
+++ /dev/null
@@ -1,99 +0,0 @@
-From dd04bc5aa4a3607fd2277a5d7953a2a20a411696 Mon Sep 17 00:00:00 2001
-From: "Jason A. Donenfeld" <Jason at zx2c4.com>
-Date: Sat, 24 Apr 2021 16:12:23 -0400
-Subject: wg_noise: compile on 32-bit
-
-The lack of 64bit atomic helpers on 32bit is an annoyance.
-
-Signed-off-by: Jason A. Donenfeld <Jason at zx2c4.com>
----
- src/wg_noise.c | 44 +++++++++++++++++++++++++++++++++++++-------
- 1 file changed, 37 insertions(+), 7 deletions(-)
-
-diff --git a/src/wg_noise.c b/src/wg_noise.c
-index 5ef7a58c3146..7acf1b6ab7cb 100644
---- wg_noise.c
-+++ wg_noise.c
-@@ -780,11 +780,14 @@ noise_keypair_remote(struct noise_keypair *kp)
- int
- noise_keypair_nonce_next(struct noise_keypair *kp, uint64_t *send)
- {
-+ if (!ck_pr_load_bool(&kp->kp_can_send))
-+ return (EINVAL);
-+
- #ifdef __LP64__
-- *send = atomic_fetchadd_64(&kp->kp_nonce_send, 1);
-+ *send = ck_pr_faa_64(&kp->kp_nonce_send, 1);
- #else
- rw_wlock(&kp->kp_nonce_lock);
-- *send = ctr->c_send++;
-+ *send = kp->kp_nonce_send++;
- rw_wunlock(&kp->kp_nonce_lock);
- #endif
- if (*send < REJECT_AFTER_MESSAGES)
-@@ -821,7 +824,11 @@ noise_keypair_nonce_check(struct noise_keypair *kp, uint64_t recv)
- for (i = 1; i <= top; i++)
- kp->kp_backtrack[
- (i + index_ctr) & (COUNTER_NUM - 1)] = 0;
-+#ifdef __LP64__
- ck_pr_store_64(&kp->kp_nonce_recv, recv);
-+#else
-+ kp->kp_nonce_recv = recv;
-+#endif
- }
-
- index_recv %= COUNTER_NUM;
-@@ -844,14 +851,27 @@ noise_keep_key_fresh_send(struct noise_remote *r)
- struct epoch_tracker et;
- struct noise_keypair *current;
- int keep_key_fresh;
-+ uint64_t nonce;
-
- NET_EPOCH_ENTER(et);
- current = ck_pr_load_ptr(&r->r_current);
-- keep_key_fresh = current != NULL && ck_pr_load_bool(¤t->kp_can_send) && (
-- ck_pr_load_64(¤t->kp_nonce_send) > REKEY_AFTER_MESSAGES ||
-- (current->kp_is_initiator && noise_timer_expired(current->kp_birthdate, REKEY_AFTER_TIME, 0)));
-- NET_EPOCH_EXIT(et);
-+ keep_key_fresh = current != NULL && ck_pr_load_bool(¤t->kp_can_send);
-+ if (!keep_key_fresh)
-+ goto out;
-+#ifdef __LP64__
-+ nonce = ck_pr_load_64(¤t->kp_nonce_send);
-+#else
-+ rw_rlock(¤t->kp_nonce_lock);
-+ nonce = current->kp_nonce_send;
-+ rw_runlock(¤t->kp_nonce_lock);
-+#endif
-+ keep_key_fresh = nonce > REKEY_AFTER_MESSAGES;
-+ if (keep_key_fresh)
-+ goto out;
-+ keep_key_fresh = current->kp_is_initiator && noise_timer_expired(current->kp_birthdate, REKEY_AFTER_TIME, 0);
-
-+out:
-+ NET_EPOCH_EXIT(et);
- return (keep_key_fresh ? ESTALE : 0);
- }
-
-@@ -885,7 +905,17 @@ noise_keypair_encrypt(struct noise_keypair *kp, uint32_t *r_idx, uint64_t nonce,
- int
- noise_keypair_decrypt(struct noise_keypair *kp, uint64_t nonce, struct mbuf *m)
- {
-- if (ck_pr_load_64(&kp->kp_nonce_recv) >= REJECT_AFTER_MESSAGES ||
-+ uint64_t cur_nonce;
-+
-+#ifdef __LP64__
-+ cur_nonce = ck_pr_load_64(&kp->kp_nonce_recv);
-+#else
-+ rw_rlock(&kp->kp_nonce_lock);
-+ cur_nonce = kp->kp_nonce_recv;
-+ rw_runlock(&kp->kp_nonce_lock);
-+#endif
-+
-+ if (cur_nonce >= REJECT_AFTER_MESSAGES ||
- noise_timer_expired(kp->kp_birthdate, REJECT_AFTER_TIME, 0))
- return (EINVAL);
-
---
-cgit v1.2.3-11-g984f
-
diff --git a/net/wireguard-kmod/files/patch-e03bf597383cef7f16c41fa4952a6b04093e9e64 b/net/wireguard-kmod/files/patch-e03bf597383cef7f16c41fa4952a6b04093e9e64
deleted file mode 100644
index 1705a0f9a69f..000000000000
--- a/net/wireguard-kmod/files/patch-e03bf597383cef7f16c41fa4952a6b04093e9e64
+++ /dev/null
@@ -1,52 +0,0 @@
-From e03bf597383cef7f16c41fa4952a6b04093e9e64 Mon Sep 17 00:00:00 2001
-From: "Jason A. Donenfeld" <Jason at zx2c4.com>
-Date: Sun, 25 Apr 2021 10:45:39 -0400
-Subject: if_wg: re-add epoch tracking to transmit
-
-This was accidentally removed before. We need it to work around v6 core
-bugs.
-
-Signed-off-by: Jason A. Donenfeld <Jason at zx2c4.com>
----
- src/if_wg.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/if_wg.c b/src/if_wg.c
-index 095a4f37f8dc..0c2565ce56c0 100644
---- if_wg.c
-+++ if_wg.c
-@@ -2063,6 +2063,7 @@ error:
- static int
- wg_transmit(struct ifnet *ifp, struct mbuf *m)
- {
-+ struct epoch_tracker et;
- struct wg_packet *pkt = m->m_pkthdr.PH_loc.ptr;
- struct wg_softc *sc = ifp->if_softc;
- struct wg_peer *peer;
-@@ -2070,6 +2071,7 @@ wg_transmit(struct ifnet *ifp, struct mbuf *m)
- int rc = 0;
- sa_family_t peer_af;
-
-+ NET_EPOCH_ENTER(et);
- /* Work around lifetime issue in the ipv6 mld code. */
- if (__predict_false((ifp->if_flags & IFF_DYING) || !sc)) {
- rc = ENXIO;
-@@ -2109,11 +2111,15 @@ wg_transmit(struct ifnet *ifp, struct mbuf *m)
- wg_queue_push_staged(&peer->p_stage_queue, pkt);
- wg_peer_send_staged(peer);
- noise_remote_put(peer->p_remote);
-+ NET_EPOCH_EXIT(et);
-+
- return (0);
- err_peer:
- noise_remote_put(peer->p_remote);
- err:
- if_inc_counter(sc->sc_ifp, IFCOUNTER_OERRORS, 1);
-+ NET_EPOCH_EXIT(et);
-+ /* TODO: send ICMP unreachable? */
- wg_packet_free(pkt);
- return (rc);
- }
---
-cgit v1.2.3-11-g984f
-
More information about the dev-commits-ports-all
mailing list